The SharePoint 2010 Security Token Service application is not in debug mode by default and does not expose any details of its problems. This makes the ULS logs practically useless here, because they give you no idea what is going wrong in the token service. To get that information you need to turn on exception details. Here is how to do it.

1. Open security token service in browser

When we open the Security Token Service application in a browser (http://<machine-name>:32843/SecurityTokenServiceApplication/securitytoken.svc) we see a page with the following message:

The server was unable to process the request due to an internal error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework 3.0 SDK documentation and inspect the server trace logs.

2. Modify web.config file

It seems that showing error messages is turned off. To turn them on we have to modify the service's web.config file, which you can find in the following folder:

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebServices\SecurityToken

Add the following XML just before the closing </behavior> tag:

<serviceDebug includeExceptionDetailInFaults="true" />

Refresh the service page and you should see the exception details together with the stack trace.
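The web.config change above can be applied and reverted with a small script instead of editing by hand. The following is an added example, not code from the original post or from SharePoint: it works on a constructed, minimal web.config that mimics the service behaviors section, adds or updates the serviceDebug element only under serviceBehaviors, and lets you switch the setting back to false once troubleshooting is done, since fault details (stack traces, paths) are returned to any client while it is on.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed minimal web.config shaped like the STS one (only the
# parts relevant here; the real file under WebServices\SecurityToken
# contains much more).
SAMPLE_WEB_CONFIG = """<?xml version="1.0"?>
<configuration>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="SecurityTokenServiceBehavior">
          <serviceMetadata httpGetEnabled="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>
"""

def set_exception_details(config_xml: str, enabled: bool) -> str:
    """Return web.config text with <serviceDebug includeExceptionDetailInFaults=...>
    on every <behavior> under <serviceBehaviors>; adds the element if missing,
    updates it if present (idempotent), and never touches endpointBehaviors."""
    root = ET.fromstring(config_xml)
    for behavior in root.findall(".//serviceBehaviors/behavior"):
        debug = behavior.find("serviceDebug")
        if debug is None:
            debug = ET.SubElement(behavior, "serviceDebug")
        debug.set("includeExceptionDetailInFaults", "true" if enabled else "false")
    return ET.tostring(root, encoding="unicode")

def exception_details_enabled(config_xml: str) -> bool:
    """True if any service behavior currently sends exception details to clients."""
    root = ET.fromstring(config_xml)
    return any(
        d.get("includeExceptionDetailInFaults", "false").lower() == "true"
        for d in root.findall(".//serviceBehaviors/behavior/serviceDebug")
    )

if __name__ == "__main__":
    # Usage: python sts_debug.py <path-to-web.config> on|off
    # Back the file up first; turn it off again when you are done.
    path, mode = sys.argv[1], sys.argv[2]
    with open(path, encoding="utf-8") as f:
        original = f.read()
    with open(path, "w", encoding="utf-8") as f:
        f.write(set_exception_details(original, mode == "on"))
    print("exception details enabled:", exception_details_enabled(original))
```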

